.dotfiles/.docker/stacks/home-network/docker-compose.yml
2025-06-05 13:40:45 -04:00


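# User-defined bridge network with a fixed subnet, so that Pi-hole and
# Unbound can be given static addresses and refer to each other by IP.
networks:
  dns_net:
    driver: bridge
    ipam:
      config:
        - subnet: 172.20.0.0/16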
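# NOTE(review): most images below track `latest` or carry no tag at all.
# Pinning a version or digest makes upgrades deliberate and reproducible.
# NOTE(review): a published port without a host address binds on every host
# interface. Where a reverse proxy fronts a service, confirm whether the
# mapping can be limited to a single address (for example "127.0.0.1:...").
services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    networks:
      dns_net:
        ipv4_address: 172.20.0.6
    ports:
      # DNS Ports
      - "53:53/tcp"
      - "53:53/udp"
      # Default HTTP Port
      - "6345:80/tcp"
      # Default HTTPs Port. FTL will generate a self-signed certificate
      - "6346:443/tcp"
      # Uncomment the below if using Pi-hole as your DHCP Server
      # - "67:67/udp"
    environment:
      # Set the appropriate timezone for your location
      # (https://en.wikipedia.org/wiki/List_of_tz_database_time_zones), e.g:
      TZ: 'America/Santo_Domingo'
      # Set a password to access the web interface. Not setting one will
      # result in a random password being assigned.
      # NOTE(review): if the variable is missing from the environment/.env,
      # Compose substitutes an empty string here; confirm how Pi-hole treats
      # an empty password before relying on the behaviour described above.
      FTLCONF_webserver_api_password: ${FTLCONF_webserver_api_password}
      # Upstream resolver: the unbound container on dns_net.
      PIHOLE_DNS_: '172.20.0.7#5335'
      CUSTOM_CACHE_SIZE: "0"
    # Volumes store your data between container upgrades
    volumes:
      # For persisting Pi-hole's databases and common configuration file
      - '/home/guts/docker/pihole:/etc/pihole'
      # Custom dnsmasq config files that should persist. Not needed for most
      # setups starting fresh with Pi-hole v6. If you're upgrading from v5 and
      # have used this directory before, keep it enabled for the first v6
      # container start to allow for a complete migration. It can be removed
      # afterwards.
      - '/home/guts/docker/dnsmasq.d:/etc/dnsmasq.d'
    cap_add:
      # See https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
      # Required if you are using Pi-hole as your DHCP server, else not needed
      # NOTE(review): the DHCP port above is commented out, so by the note
      # above this capability looks unnecessary here; confirm and drop it.
      - NET_ADMIN
    restart: always

  unbound:
    container_name: unbound
    image: madnuttah/unbound:latest
    hostname: unbound
    networks:
      dns_net:
        ipv4_address: 172.20.0.7
    environment:
      - TZ=America/Santo_Domingo
      - ServerIP=172.20.0.7
      # Example only, check your docker user info
      - UNBOUND_UID=1000
      - UNBOUND_GID=1000
    volumes:
      - /home/guts/docker/unbound/conf.d:/usr/local/unbound/conf.d/:rw
      - /home/guts/docker/unbound/unbound.conf:/usr/local/unbound/unbound.conf:rw
      - /home/guts/docker/unbound/log.d/unbound.log:/usr/local/unbound/log.d/unbound.log:rw
      - /home/guts/docker/unbound/zones.d:/usr/local/unbound/zones.d/:rw
      - /home/guts/docker/unbound/iana.d:/usr/local/unbound/iana.d/:rw
    # NOTE(review): Pi-hole reaches this resolver over dns_net at 172.20.0.7,
    # so the host-published ports may not be needed; confirm before keeping
    # the resolver reachable from outside the host.
    ports:
      - "5335:5335/tcp"
      - "5335:5335/udp"
    restart: unless-stopped

  dockerproxy:
    image: ghcr.io/tecnativa/docker-socket-proxy:latest
    container_name: dockerproxy
    environment:
      # Allow access to viewing containers
      - CONTAINERS=1
      # Allow access to viewing services (necessary when using Docker Swarm)
      - SERVICES=1
      # Allow access to viewing tasks (necessary when using Docker Swarm)
      - TASKS=1
      # Disallow any POST operations (effectively read-only)
      - POST=0
    # NOTE(review): this publishes the proxied Docker API, unauthenticated, on
    # every host interface. Even read-only, it discloses container metadata.
    # Containers in this stack can presumably reach it as dockerproxy:2375
    # without a published port; confirm what the consumer is configured to
    # use, then remove the mapping or bind it to a single address.
    ports:
      - "2375:2375"
    volumes:
      # The :ro flag only makes the bind mount of the socket file read-only;
      # it does not limit API calls made over the socket. POST=0 above is the
      # setting that restricts what the proxy forwards.
      - /var/run/docker.sock:/var/run/docker.sock:ro
    restart: unless-stopped

  homepage:
    image: ghcr.io/gethomepage/homepage:latest
    container_name: homepage
    ports:
      - "3000:3000"
    volumes:
      # Make sure your local config directory exists
      - /home/guts/docker/homepage:/app/config
      - /home/guts/docker/homepage/images:/app/public/images
    env_file: ".env"
    environment:
      - PUID=1000
      - PGID=1000

  metube:
    image: ghcr.io/alexta69/metube
    container_name: metube
    restart: unless-stopped
    ports:
      - "8081:8081"
    volumes:
      - /media/PHDD1/YouTube:/downloads

  speedtest-tracker:
    image: lscr.io/linuxserver/speedtest-tracker:latest
    restart: unless-stopped
    container_name: speedtest-tracker
    ports:
      - "9080:80"
      - "9443:443"
    environment:
      - PUID=1000
      - PGID=1000
      # Application key supplied from the environment/.env, not stored here.
      - APP_KEY=${APP_KEY_SPEEDTEST}
      - DB_CONNECTION=sqlite
      # Cron expression; quoted so the asterisks are never read as YAML syntax.
      - 'SPEEDTEST_SCHEDULE=6 */2 * * *'
      - SPEEDTEST_SERVERS=26513
    volumes:
      - /home/guts/docker/speedtest-tracker:/config

  kavita:
    image: lscr.io/linuxserver/kavita:latest
    container_name: kavita
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Etc/UTC
    volumes:
      - /home/guts/docker/kavita:/config
      - /media/network/kavita:/data
    ports:
      - "5000:5000"
    restart: unless-stopped

  # Valkey instance; no ports are published, so it is reachable only from
  # containers that share a network with it.
  redis:
    container_name: redis
    image: docker.io/valkey/valkey:8-alpine
    command: valkey-server --save 30 1 --loglevel warning
    restart: unless-stopped
    volumes:
      - /home/guts/docker/valkey:/data
    # Drop every capability, then add back only the three listed below.
    cap_drop:
      - ALL
    cap_add:
      - SETGID
      - SETUID
      - DAC_OVERRIDE
    logging:
      driver: "json-file"
      options:
        max-size: "1m"
        max-file: "1"

  searxng:
    container_name: searxng
    image: docker.io/searxng/searxng:latest
    restart: unless-stopped
    ports:
      - "8686:8080"
    volumes:
      - /home/guts/docker/searxng:/etc/searxng:rw
    environment:
      - SEARXNG_BASE_URL=https://search.nvim.pro/
      - UWSGI_WORKERS=${SEARXNG_UWSGI_WORKERS:-4}
      - UWSGI_THREADS=${SEARXNG_UWSGI_THREADS:-4}
    logging:
      driver: "json-file"
      options:
        max-size: "1m"
        max-file: "1"

  forgejo:
    image: codeberg.org/forgejo/forgejo:11
    container_name: forgejo
    environment:
      - USER_UID=1000
      - USER_GID=1000
    restart: always
    volumes:
      - /home/guts/docker/forgejo/data:/data
      - /home/guts/docker/forgejo/timezone:/etc/timezone:ro
      - /home/guts/docker/forgejo/localtime:/etc/localtime:ro
    ports:
      # Web UI
      - '3005:3000'
      # Container port 22 published on host port 222. Quoted because an
      # unquoted digits:digits value can be read as a base-60 number.
      - '222:22'

  freshrss:
    image: freshrss/freshrss:latest
    container_name: freshrss
    hostname: freshrss
    restart: unless-stopped
    logging:
      options:
        max-size: "10m"
    volumes:
      - /var/www/freshrss/data:/var/www/FreshRSS/data
      - /var/www/freshrss/extensions:/var/www/FreshRSS/extensions
    ports:
      - "8787:80"
    environment:
      TZ: America/Santo_Domingo

  # MariaDB backend for the Nextcloud `app` service. No ports are published,
  # so it is reachable only from containers on the same network.
  db:
    image: mariadb:10.11
    restart: always
    command: '--transaction-isolation=READ-COMMITTED'
    volumes:
      - /var/lib/mysql/mariadb:/var/lib/mysql
    environment:
      # Credentials are interpolated from the environment/.env rather than
      # stored in this file.
      - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
      - MYSQL_PASSWORD=${MYSQL_PASSWORD}
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud

  redis-nc:
    image: redis:alpine
    restart: always

  # Nextcloud
  app:
    image: nextcloud
    restart: always
    ports:
      - "8985:80"
    depends_on:
      - redis-nc
      - db
    volumes:
      - /var/www/nextcloud:/var/www/html
    environment:
      - MYSQL_PASSWORD=${MYSQL_PASSWORD}
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
      - MYSQL_HOST=db

  lighttpd:
    image: gists/lighttpd
    ports:
      - "5679:80"
    volumes:
      - /var/www/peterspage:/var/www
    environment:
      - UID=1000
      - GID=1000
    restart: always

  lighttpd2:
    image: gists/lighttpd
    ports:
      - "5680:80"
    volumes:
      - /var/www/nvim.pro:/var/www
    environment:
      - UID=1000
      - GID=1000
    restart: always

  navidrome:
    image: deluan/navidrome:latest
    # should be owner of volumes
    user: "1000:1000"
    ports:
      - "4533:4533"
    restart: unless-stopped
    environment:
      - ND_SESSIONTIMEOUT=24h
      - ND_DEFAULTTHEME=Nuclear
      # In list form the whole entry is a single string, so double quotes
      # placed around the URL would be passed to the container as part of the
      # value. The URL is therefore written without inner quotes.
      - 'ND_UILOGINBACKGROUNDURL=https://peterdominguez.art/misc/navidromebg.png'
    volumes:
      - /home/guts/docker/navidrome:/data
      # Music library is mounted read-only.
      - /media/network/music:/music:ro

  signal-cli-rest-api:
    image: bbernhard/signal-cli-rest-api:latest
    environment:
      # supported modes: json-rpc, native, normal
      - MODE=normal
      # enable this parameter on demand
      # - AUTO_RECEIVE_SCHEDULE=0 22 * * *
    # NOTE(review): nothing on this page puts authentication in front of this
    # API; confirm that host port 5280 is reachable only from trusted hosts.
    ports:
      # map container port 8080 to host port 5280
      - "5280:8080"
    volumes:
      # keep signal-cli's data directory on the host
      - "/home/guts/docker/signal-cli:/home/.local/share/signal-cli"

  memos:
    image: neosmemo/memos:stable
    container_name: memos
    volumes:
      - /home/guts/docker/memos:/var/opt/memos
    ports:
      - "5230:5230"

  redlib:
    image: quay.io/redlib/redlib:latest
    restart: always
    container_name: "redlib"
    ports:
      - "9548:8080"
    # Hardening: unprivileged user, read-only root filesystem, no privilege
    # escalation, and every capability dropped.
    user: nobody
    read_only: true
    security_opt:
      - no-new-privileges:true
    environment:
      - REDLIB_DEFAULT_SHOW_NSFW=on
      - REDLIB_DEFAULT_THEME=dracula
    cap_drop:
      - ALL
    healthcheck:
      # The check runs inside the container, so it must target the container
      # port (8080), not the published host port (9548). Probing 9548 would
      # leave the container permanently reported as unhealthy.
      test:
        - CMD
        - wget
        - '--spider'
        - '-q'
        - '--tries=1'
        - 'http://127.0.0.1:8080/settings'
      interval: 30s
      timeout: 3s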